ELSA-2015-0252

Опубликовано: 23 фев. 2015

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2015-0252: samba security update (IMPORTANT)

[4.1.1-38]

resolves: #1194132 - CVE-2015-0240: RCE in netlogon server.

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

libsmbclient

4.1.1-38.el7_0

libsmbclient-devel

4.1.1-38.el7_0

libwbclient

4.1.1-38.el7_0

libwbclient-devel

4.1.1-38.el7_0

samba

4.1.1-38.el7_0

samba-client

4.1.1-38.el7_0

samba-common

4.1.1-38.el7_0

samba-dc

4.1.1-38.el7_0

samba-dc-libs

4.1.1-38.el7_0

samba-devel

4.1.1-38.el7_0

samba-libs

4.1.1-38.el7_0

samba-pidl

4.1.1-38.el7_0

samba-python

4.1.1-38.el7_0

samba-test

4.1.1-38.el7_0

samba-test-devel

4.1.1-38.el7_0

samba-vfs-glusterfs

4.1.1-38.el7_0

samba-winbind

4.1.1-38.el7_0

samba-winbind-clients

4.1.1-38.el7_0

samba-winbind-krb5-locator

4.1.1-38.el7_0

samba-winbind-modules

4.1.1-38.el7_0

Связанные CVE

CVE-2015-0240

Ссылки на источники

Связанные уязвимости

CVE-2015-0240

ubuntu

больше 10 лет назад

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

CVE-2015-0240

redhat

больше 10 лет назад

CVE-2015-0240

nvd

больше 10 лет назад

CVE-2015-0240

debian

больше 10 лет назад

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x be ...

SUSE-SU-2015:0371-1

suse-cvrf

больше 10 лет назад

Security update for Samba